Method and apparatus for making system constraint of a specified permission in the digital rights management

ABSTRACT

A method and a terminal device for making multi-system constraint of a specified permission in a digital rights. A rights object related to content object is obtained by an executing device. The specific permission descriptions of the rights object include system constraint descriptions of a plurality of systems of the same type. The executing device obtains a corresponding system information in the device according to the system constraint descriptions and compares the system information in the device with the system information in the system constraint descriptions, so as to judge whether there is any system permitted in system constraint descriptions. If yes, it determines to permit executing the specific permission for the content object; otherwise, it determines not to permit executing said specific permission for the content object.

RELATED APPLICATIONS

This patent application makes reference to, claims priority to andclaims benefit from Chinese Patent Application No. 200510092506.0 filedon Aug. 15, 2005, which is explicitly incorporated herein by referencein its entirety.

FEDERALLY SPONSORED RESEARCH OR DEVELOPMENT

[Not Applicable]

MICROFICHE/COPYRIGHT REFERENCE

[Not Applicable]

BACKGROUND OF THE INVENTION

The present invention relates to digital rights management technology inthe fields of computer and communications, and more particularly to amethod for making system constraint of a special permission in digitalrights and an apparatus for implementing the method.

With the development of the network, the contents over the network arebecoming more and more richer and colorful. In order to protect digitalcontents, the Digital Rights Management (sometimes referred to as “DRM”)has been applied more and more widely.

The system constraints of play, display, export, and execute permissionscan be made in the current rights. For export permission, for example,the DRM system to which the contents are exported can be constrained,that is, the DRM contents can only be exported to other DRM systemsspecified in the rights. In a rights object, specific descriptions of aconstrained system are commonly using a plurality of sub-elementsjointly, for example, an element <version> together with an element<uid> can be used to describe a specific system. For instance, if it isdesired to constraint the DRM contents to be exported only to the DRMsystem for XYZ 1.0, a description can be made in RO as follows:<oma-dd:export oma-dd:mode=”move”> <o-ex:constraint> <oma-dd:system><o-ex:context> <o-dd:version>1.0</o-dd:version> <o-dd:uid>XYZ</o-dd:uid></o-ex:context> </oma-dd:system> </o-ex:constraint> </oma-dd:export>

BRIEF SUMMARY OF THE INVENTION

In a practice application condition, multi-system constraints may needto be constrained under a specific permission in a rights object in acertain condition, such as it is needed to specify that DRM contents ina terminal can be exported to a DRM system for ABC2.0 or XYZ1.0; and inother conditions, multi-system constraints of different types may alsoneed to be constrained, for example, it needs to be constrained in playpermission; the content object can be played only in RealPlayer1.0 orMP3 2.0 in a player and symbian4.0 or symbian5.0 in an operating system.However, the prior art can only constraint a single system, and cannotsatisfy such requirements.

A method for making multi-system constraint of a specific permission ina digital rights is provided, which includes the following steps:

obtaining a rights object related to a content object by an executingdevice, system constraint descriptions of a plurality of systems of thesame type are included in specific permission descriptions of the rightsobject; obtaining a corresponding system information in the executingdevice by the executing device according to said system constraintdescriptions; and

comparing the system information in the executing device with systeminformation in said system constraint descriptions by the executingdevice, so as to judge whether there is a permitted system in systemconstraint descriptions in the executing device, and determines topermit executing said specific permission for the content object if bothare the same, otherwise, determines not to permit executing saidspecific permission for the content object.

A multiple pairs of grammar elements for separating a specific systeminformation are included in system constraint descriptions of saidspecific permission descriptions, each pair of grammar elementsidentifies a specific information of a system constraint, and saidexecuting device parses the descriptions between each pair of grammarelements to obtain a specific information of each system.

According to the presently described technology, a method for makingmulti-system constraints of a specific permission in a digital rights isfurther provided, comprising the following steps:

obtaining a rights object related to a content object by an executingdevice, system constraint descriptions of a plurality of different typesof systems are included in a specific permission description of therights object;

obtaining the corresponding system information of each type in theexecuting device by the executing device according to said systemconstraint descriptions;

selecting a type of constrained system as a current constrained system;and

comparing a corresponding type of the system information in theexecuting device with system information in the current constrainedsystem, so as to judge whether there is a same system that coincideswith the current constrained system in the executing device, anddetermines to permit executing said specific authority for the contentobject if both are the same, otherwise, determines not to permitexecuting said specific permission for the content object.

A multiple pairs of grammar elements for separating a system constraintdescriptions are included in said specific permission descriptions, andthe type of the constrained system is described in the grammar elementsfor separating a system constraint descriptions.

The system information of a plurality of constrained systems is includedin the system constraint descriptions of at least one type ofconstrained system; when the executing device judges that there is asystem constraint met with any one system constraint in the type ofconstrained system, it determines that there is a permitted system inthe type of constrained system.

A multiple pairs of grammar elements for separating specific informationof the system are included in the system constraint descriptions of atleast one type of constrained system, each pair of grammar elementsidentifies a specific information of a constrained system in this typeof constrained system, and said executing device parses the descriptionsbetween each pair of grammar elements for separating a specificinformation of systems to obtain a specific information of each system.

The system information in said system constraint description is asoftware system information or a hardware system information related tothe executed content object.

An implement method for making multi-system constraint of a specificpermission in a digital rights management is further provided,comprising the steps of:

generating a rights object related to a rights content object;

describing system information of a plurality of systems of the same typein the specific permission of the rights object;

saving the rights object and correlating it with a corresponding contentobject;

when downloading said content object, transmitting the rights object tothe executing device of the content object;

judging by the executing device whether there is a system permitted inthe system constraint descriptions in the executing device; and

determining whether executing the specific rights for said contentobject is permitted based on the result of the judgment.

According to the presently described technology, an implement method formaking multi-system constraint of a specific permission in the digitalrights management is further provided, comprising the steps of:

generating a rights object related to a content object;

describing system constraint information of a plurality of systems ofdifferent types in the specific permission of the rights object;

saving the rights object and correlating the rights object with thecorresponding content object;

when downloading said content object, transmitting the rights object tothe executing device for receiving the content;

judging by the executing device whether there is a system permitted inthe constrained system of each type in the executing device; and

determining whether executing the specific permission for said contentobject is permitted based on the result of the judgment.

According to the presently described technology, a terminal device isprovided, characterized in that said terminal device comprises:

a digital rights management agent module for processing a rights objectrelated to a content object;

a system information collecting module for obtaining a correspondingsystem information in the terminal device according to system constraintdescriptions of a plurality of systems of the same type in a specificpermission descriptions in the rights object.; and

a permission authentication module for judging whether there is a systempermitted in a system constraint description in the terminal deviceaccording to the system information in the terminal device and thesystem information in said system constraint description, and fordetermining whether executing said specific permission for the objectcontent is permitted according to the result of the judgment.

According to the presently described technology, a second terminaldevice is further provided, characterized in that said terminal devicecomprises:

a digital rights management agent module for processing a rights objectrelated to a content object;

a system information collecting module for obtaining correspondingsystem information in the terminal device according to system constraintdescriptions of a plurality of systems of different types in specificpermission descriptions in the rights object; and

a permission authentication module for judging whether there is a systempermitted in each type of constrained system in the system constraintdescriptions in the terminal device according to the system informationin the terminal device and the system information in said systemconstraint descriptions, and determining whether executing said specificpermission for the object content is permitted according to the resultof the judgment.

The system information collecting module and the permissionauthentication module in the terminal devices can be included in thedigital rights management agent module.

A plurality of constrained systems of the same type can be describedunder the specific permission of the rights object according to thepresently described technology. The multi-system constraint under thespecific permission can be implemented by the executing device throughobtaining the system information in the executing device to judgewhether there is a permitted system therein.

A plurality of constrained systems of different types can also bedescribed under the specific permission of the rights object accordingto the presently described technology. The multi-system constraintsunder the specific permission can be implemented by the executing devicethrough obtaining the system information in the executing device tojudge whether there is a permitted system in the constrained systems ofeach type, and a plurality of systems can also be included in the sametype of the system constraint descriptions.

Thus, the presently described technology can not only be easilyrealized, but also have more flexibility and high reliability ascompared to the conventional technology. Requirements of differentapplication condition for constrained rights can be met by using thepresently described technology.

BRIEF DESCRIPTION OF SEVERAL VIEWS OF THE DRAWINGS

FIG. 1 is a schematic diagram of a system networking for makingmulti-system constraints for a specific permission in digital rightsmanagement according to an embodiment of the present invention.

FIG. 2A is a flow chart of a method for making a constraint of aplurality of system of the same type for a specific permission on anetwork side according to an embodiment of the present invention.

FIG. 2B is a main flow chart of a method for making a constraint of aplurality of system of the same type for a specific permission on aterminals side according to an embodiment of the present invention.

FIG. 3 is the schematic diagram of a structure of a terminal device forimplementing a plurality of system constraint of the same type under aspecific permission according to an embodiment of the present invention.

FIG. 4 is a flow chart for making a constraint of a plurality of systemfor a specific permission on the network side according to an embodimentof the present invention.

FIGS. 5A and 5B are main flow chart for making a constraint of aplurality of system of different types for a specific permission on aterminals side according to an embodiment of the present invention,respectively.

FIG. 6 is a schematic diagram of the structure of a terminal device forimplementing a plurality of system constraint of different types for aspecific permission according to an embodiment of the present invention.

DETAILED DESCRIPTION OF THE INVENTION

In order to make multi-system constraints for a specific permission, aplurality of constrained systems are described respectively for aspecific permission of a rights object (sometimes referred to as “RO”)according to the presently described technology. Information of eachconstrained system obtained after describing is parsed by an executingdevice for processing the rights object, and then is determined whetherit permits a content object to be executed for a specific permission byobtaining the system information in the device. The specific permissioncan be play permission, display permission, or execute permission andthe like. The system information in the system constraint descriptionscan be software system information related to the executed contentobject, which is information for constraining a software system, and canalso be hardware system information related to an executed contentobject, which is information for constraining hardware system.

On the network side, a rights issue (sometimes referred to as “RI”)system can generate a rights object according to an information relatedto a content object. The description information of a plurality ofsystem constraints can be included in the specific permission of therights object. The rights object and the corresponding content objectare saved and related with each other. During the process of a user'sterminal device downloading the content object, the rights object can betransmitted to the user's terminal device, parsed and processed by theuser's terminal device.

A plurality of constrained systems can be a plurality of constrainedsystems of the same type, such as a plurality of constrained systemsbelonging to operating systems or player systems. A plurality ofconstrained systems can also be a plurality of constrained system ofdifferent types (i.e. multiple kinds of constrained systems). Forexample, there can be constrained operating systems as well asconstrained player systems. A plurality of constrained system can alsobe included in a certain type of a constrained system. For example, theplayers for RealPlayer and MP3 are constrained in a system of a type ofplayers.

Referring to FIG. 1, it shows a schematic diagram of a system networkingfor making multi-system constraints for a specific permission in DigitalRights Management, wherein a terminal device, a server, and a rightsissue system (RI) are interconnected by the network.

EMBODIMENT 1

This embodiment will be explained by example of a plurality ofconstrained systems of the same type included for a specific permissionof a rights object.

For multi-system constrains of the same type, a multiple pair of grammarelements for separating the specific system information are used for thespecific permission in the rights object. Each pair of the grammarelements identifies a specific system information. For example,according to the number of the constrained systems, appearance numbersof the element <context> in element <system> in a rights object areexpanded, so that the information of a constrained system is describedin each pair of elements <context>.

Referring to FIG. 2A (with reference to FIG. 1), on the network side, aflow chart for implementing multi-system constraints of the same typefor a specific permission in the digital rights management is shown asfollows:

At step 100, a rights object related to a rights content object isgenerated in a rights issue system RI, and the system information of aplurality of systems of the same type, which need to be constrained, aredescribed in a specific permission descriptions of the rights object.

At step 110, the generated rights object is saved, and is correlatedwith a corresponding content object.

At step 120, the rights object is transmitted to a terminal device whichreceives contents when the terminal device is downloading the contentobject.

At step 130, the terminal device that has received contents obtains asystem information corresponding to the terminal device according tocorresponding system information in the terminal device obtained fromsystem constraint description information, compares the systeminformation in the terminal device with the system information in saidsystem constraint description information, so as to judge whether thereis a system permitted in the system constraint descriptions in theterminal device, and determine whether executing said permission forsaid content object is permitted according to the result of thejudgment.

Referring to FIG. 2B, the procedure for processing multi-systemconstraint for a specific permission by the terminal device is asfollows:

At step 200, a terminal device receives a rights object related to acontent object. System constraint descriptions of a plurality of systemsof the same type are included in a specific permission description ofthe rights object. The terminal device, which can be, for example, amobile telephone or the like, is generally referred to as an executingdevice.

At step 210, the terminal device parses the system constraintdescriptions information of each constrained system for a specificpermission in the rights object.

At step 220, the terminal device obtains a corresponding systeminformation in the terminal device according to the system constraintdescription information.

At step 230, a first constrained system for the specific permission isselected as the current constrained system.

At step 240, the terminal device compares the system information in theterminal device with the system information in the current constrainedsystem, so as to judge whether there is a system coincided withrequirements of the current constrained system. If yes, process entersinto step 250, i.e., there is a permitted system the same as the currentconstrained system in the terminal device; otherwise, process entersinto step 260.

At step 250, the terminal device determines to permit executing saidspecific permission for the content object, and the judging procedure isended.

At step 260, it is to judge whether there is a constrained system notbeen compared with, if yes, the process enters into step 270, otherwiseit enters into Step 280.

At step 270, a next constrained system not been compared with isselected as the current constrained system, and the process returns tostep 240.

At step 280, the terminal device determines not to permit executing saidspecific permission for the content object, and the judging procedure isended.

Taking the case in which DRM contents in a specified terminal device canbe exported to the DRM system for ABC2.0 or XYZ1.0 as an example,expanding appearance numbers of the element <context> in element<system> in the rights is used to describe multi-system constrain, thedescription can be made as follows: <oma-dd:export oma-dd:mode=”move”>// an executing permission <o-ex:constraint> <oma-dd:system><o-ex:context> <o-dd:version>1.0</o-dd:version> <o-dd:uid>XYZ</o-dd:uid></o-ex:context> <o-ex:context> <o-dd:version>2.0</o-dd:version><o-dd:uid>ABC</o-dd:uid> </o-ex:context> </oma-dd:system></o-ex:constraint> </oma-dd:export>

For a terminal device of which the DRM system is OMA DRM 2.0 and aterminal device of which the DRM system is ABC 2.0, the terminal deviceof OMA DRM 2.0 learns firstly that it is a permission for exporting acontent when processing the segment of description, then learns from asystem constraint description any one of DRM systems wherein a rightscontent is only permitted to be exported to XYZ1.0 and ABC 2.0. Theterminal device confirms that a DRM system in a device of an oppositeend is ABC 2.0 when the terminal device is ready to export the rightscontent; and then determines that the DRM system is a constrained systempermitted in the rights object, thus determines to permit to execute theexport.

For a terminal device of which the DRM system is OMA DRM 2.0 and aterminal device of which the DRM system is DEF 2.0, the terminal deviceof OMA DRM 2.0 learns firstly that it is a permission for exporting acontent when processing this segment of description; then learns fromthe system constraint description any one of the DRM systems wherein therights content is only permitted to be exported to XYZ1.0 and ABC 2.0.Then the terminal device makes sure that a DRM system in a device of anopposite end is DEF 2.0 when the terminal device is ready to export thecontent; and determines that there is no constrained system permitted inthe rights object in the opposite terminal device, thus determines notto permit for executing the exporting.

Referring to FIG. 3, a terminal device 60 for implementing saidmulti-system constraints of the same type for a specific permissionincludes: a digital rights management agent module 610, a systeminformation collecting module 620, and a system information judgingmodule 630. The system information collecting module 620, the systeminformation judging module 630 and the digital rights management agentmodule 610 can have a logical connection relation with each other.Preferably, the system information collecting module 620 and the systeminformation judging module 630 are included in the digital rightsmanagement agent module 610.

The digital rights management agent module 610 is used to processparsing the rights object related to the content, and makes theterminals use the content according to the corresponding permissionspecified in the rights.

The system information collecting module 620 obtains the correspondingsystem information in terminal device 60 according to multi-systemconstraint description of the specific permission descriptions in therights object.

The system information judging module 630 compares the systeminformation obtained by the system information collecting module 620with the system information in multi-system constraint description, soas to judge whether there is any one constrained system permitted in thesystem constraint description in the terminal device 60, and determineswhether the specific permission is executed for the object contentaccording to the result of the judgment. The digital rights managementagent module 610 is informed to execute the specific rights for thecontent object if the result of the judgment is that there is a systempermitted in system constraint description; otherwise the digital rightsmanagement agent module 610 informed to give up executing the specificpermission for the content object.

EMBODIMENT 2

The embodiment is explained by an example wherein a plurality ofconstrained systems of different types are included for a specificpermission of a rights object and information collecting constrainedsystems of the same type may include a plurality of constrained systems.

For a plurality of constrained systems of different types, multiplepairs of grammar elements for separating the system constraintdescription are used in the description for the specific permission, andthe type of the constrained system is described in the grammar elementsfor separating the system constraint description. For example, thedescriptions of the type of the constrained system such as “OS”,“Player”, “DRMSYS”, or the like, are added following the element<system>. Wherein the “OS” explains the constraint for the operatingsystem, the “Player” explains the constraint for the player, and the“DRMSYS” explains the constraint for other DRM systems. These key wordsfor explaining the type of the system constraint can be extendedaccording to requirements. In addition, if the element <uid> itself canindicate the type of the constrained system, the description of the typeof the constrained system will not be added following the element<system>. Thus, for systems of different type, descriptions are made fordifferent elements <system> respectively.

Referring to FIG. 4 (in conjunction with FIG. 1), procedures forimplementing multi-system constraints of different types for a specificpermission in the digital rights management on the network side are asfollows:

At step 300, a rights object related to a content object is generated ina rights issue system, and system information of a plurality of systemsof different types, which need to be constrained, are described in thespecific permission descriptions of the rights object.

At step 310, the generated rights object is saved and is correlated witha corresponding content object.

At step 320, said rights object is transmitted to a terminal device forreceiving contents when the terminal device is downloading the contentobject.

At step 330, the terminal device for receiving contents judges whetherthere is a system permitted in constrained systems of each type in theterminal device, and determines whether executing said specificpermission for said content object is permitted according to the resultof the judgment.

Referring to FIG. 5A, procedures for processing multi-system constraintsof different types for a specific permission by the terminal device areas follows:

At step 400, the terminal device receives the rights object related tothe content object, and system constraint descriptions of a plurality ofsystems of different types are included in the specific permissiondescriptions of the rights object. The terminal device, such as a mobiletelephone or the like, is referred to as an executing device generally.

At step 410, the terminal device parses system constraint descriptionsinformation of constrained systems of each type for a specificpermission of the rights object.

At step 420, the corresponding system information of each type ofsystems is obtained from the terminal device according to systemconstraint description information.

At step 430, a type of constrained system is selected from a pluralityof systems of different types in the specific permission as a currentconstrained system.

At step 440, a corresponding type of system information in the terminaldevice is compared with the system information in the currentconstrained system, so as to judge whether there is a same system as thecurrent constrained system in the terminal device. If yes, the processenters into step 460, otherwise, the process enters into step 450.

At step 450, the terminal device determines that the requirement forexecuting a permission is not met, it does not permit executing saidspecific permission for the content object, and then ends the judgingprocedure.

At step 460, it is judged whether there is another constrained systemnot been compared with, if yes, the process enters into step 470,otherwise, the process enters into step 480.

At step 470, a type of the constrained system not been compared with isselected as a current constrained system, and then returns to step 440.

At step 480, the terminal device determines that the requirement forexecuting a specific permission is met and permits executing saidspecific permission for the content object, and ends the judgingprocedure.

In addition, the rights object supports to constraint a plurality ofsystem for each type of systems while it supports to constraint aplurality of system of different types for a specific permission. Inthis miner, the processing flow chart slightly differs from that shownin FIG. 5A. Referring to FIG. 5B, the processing chart is as follows:

At step 500, the terminal device receives the rights object related tothe content object, and system constraint descriptions of a plurality ofsystems of different types are included in specific permissiondescriptions of the rights object, wherein one or more types ofconstrained systems include a plurality of constrained systems.

At step 510, the terminal device parses system constraint descriptioninformation of each system included in each type of constrained systemsfor a specific permission of the rights object.

At step 520, a corresponding system information of each type of thesystems is obtained from the terminal device according to a systemconstraint description information.

At step 530, a constrained system in a type of constrained systems isselected from a plurality of systems of different types in the specificpermission as the current constrained system.

At step 540, the corresponding type of systems in the terminal device iscompared with the current constrained system, so as to judge whetherthere is a permitted system as same as the current constrained system inthe terminal device. If yes, the process enters into step 570,otherwise, the process enters into step 550.

At step 550, it is judged whether there is a constrained system not beencompared with this type of the constrained systems. If yes, the processenters into step 560, otherwise, the process enters into step 595.

At step 560, another constrained system not been compared with in thistype of constrained systems is taken as the current constrained system,and it is continued to execute step 540.

At step 570, it is judged whether there is a constrained system of othertype not been compared with. If yes, the process enters into step 580,otherwise, the process enters into step 590.

At step 580, a constrained system in a type of constrained systems notbeen compared with is taken as the current constrained system, and it iscontinued to execute step 540.

At step 590, the terminal device determines that the requirement forexecuting the permission is met and permits executing said specificpermission for the content object, and then the judging procedure isended.

At step 595, the terminal device determines that the requirement forexecuting the permission is not met, it does not permit executing saidspecific permission for the content object, and then the judgingprocedure is ended.

The description modes for multi-system constraints in each type ofsystems are similar with the embodiment 1, thus two description modescan be used to describe multiple types and multi-system constraintsaccordingly.

For example, a permission object needs constraint for the playpermission as follows: this content can only be played in a player forRealPlayer1.0, MP3 2.0 and an operating system for symbian4.0 orsymbian5.0. Accordingly, the description of the specific segment RO canbe made by two modes:

A first mode: <o-ex:permission> <o-dd:play> <o-ex:constraint><oma-dd:system type=”PLAYER”> <o-ex:context><o-dd:version>1.0</o-dd:version> <o-dd:uid>realplayer</o-dd:uid></o-ex:context> <o-ex:context> <o-dd:version>2.0</o-dd:version><o-dd:uid>mp3</o-dd:uid> </o-ex:context> </oma-dd:system> <oma-dd:systemtype=”OS”> <o-ex:context> <o-dd:version>4.0</o-dd:version><o-dd:uid>symbian</o-dd:uid> </o-ex:context> <o-ex:context><o-dd:version>5.0</o-dd:version> <o-dd:uid>symbian</o-dd:uid></o-ex:context> </oma-dd:system> </o-ex:constraint> </o-dd:play></o-ex:permission>

For a terminal device having a operating system symbian5.0 and a playerMP3 2.0, it is learned firstly that this is a permission for playing acontent when it is processing the segment description; learned from asystem constraint description that a corresponding content object ispermitted to be played only in the player RealPlayer1.0 or MP3 2.0 andthe operating system symbian4.0 or symbian5.0; and then it is obtainedthat the player of the terminal device is MP3 2.0 and the operatingsystem is sysbian5.0 by calling functions; it takes the RealPlayer1.0 inthe player type as the current constrained system, and compares it withplayer MP3 2.0 of the terminal device. If it is found they aredifferent, the next system of player MP3 2.0 in the player type is takenas the current system, and compared it with the player MP3 2.0 in theterminal device. If it is found they are the same, comparison for thenext type of system is performed, and the constrained system symbian4.0in the operating system type is taken as the current constrained system,and compares it with the operating system symbian5.0 of the terminaldevice. If it is found they are different, the next constrainedoperating system sysbian5.0 is taken as the current system to becompared. If it is found they are the same and all types of theconstrained systems have been compared, it finally determines that therequirement for executing the play permission is met, and playing thecontent object is permitted.

In the segment of said rights object, the type of the constrained systemcan be indicated by “type=XXX” or by “mode=XXX”, and can also beindicated by other key words.

A second mode:

The type of the constrained system can be expressed implicitly by usingelement <uid> instead of adding a description evidently in a element<system>. <o-ex:permission> <o-dd:play> <o-ex:constraint><oma-dd:system > <o-ex:context> <o-dd:version>1.0</o-dd:version><o-dd:uid>player/realplayer</o-dd:uid> </o-ex:context> <o-ex:context><o-dd:version>2.0</o-dd:version> <o-dd:uid>player/mp3</o-dd:uid></o-ex:context> </oma-dd:system> <oma-dd:system > <o-ex:context><o-dd:version>4.0</o-dd:version> <o-dd:uid>OS/symbian</o-dd:uid></o-ex:context> <o-ex:context> <o-dd:version>5.0</o-dd:version><o-dd:uid>OS/symbian</o-dd:uid> </o-ex:context> </oma-dd:system></o-ex:constraint> </o-dd:play> </o-ex:permission>

For a terminal device having an operating system symbian5.0 and a playerMP3 1.0, it is learned firstly that this is a permission for playing acontent when this segment description is processed; learned from asystem constraint description that a corresponding content object ispermitted to be played only in the player RealPlayer1.0 or MP3 2.0 andthe operating system symbian4.0 or symbian5.0; and then it is obtainedthat the player in the terminal device is MP3 1.0 and the operatingsystem is sysbian5.0; the RealPlayer1.0 in the player type is taken asthe current constrained system, and compares it with player MP3 1.0 ofthe terminal device. If it is found they are different, next player MP32.0 is taken as the current system, and compares it with the player MP31.0 in the terminal device. If it is found they are different, and theconstrained systems in the player type have been compared, it isdetermined that the requirement for executing the play permission is notmet and successive comparisons will not be made anymore.

Referring to FIG. 6, a terminal device 70 for implementing multi-systemconstraints of different types for a specific permission includes: adigital rights management agent module 710, a system informationcollecting module 720, and a system information judging module 730. Thesystem information collecting module 720, the system information judgingmodule 730 and the digital rights management agent module 710 have alogical connection relation with each other. Preferably, the systeminformation collecting module 720 and the system information judgingmodule 730 are included in the digital rights management agent module710.

The digital rights management agent module 710 is used to processingparsing of the rights object related to the content, and making theterminals use the content according to the corresponding permissionspecified in the rights.

The system information collecting module 720 obtains a correspondingsystem information in terminal device 70 according to the systemconstraint descriptions of a plurality of systems of different types inthe specific permission descriptions in the rights object.

The system information judging module 730 compares the systeminformation obtained by the system information collecting module 720with a constrained system of a corresponding type, so as to judgewhether there is a permitted system in each type of the constrainedsystems in the terminal device 70, and determines whether this specificpermission is executed for the object content according to the result ofthe judgment. If the result of the judgment is that there is a permittedsystem in a system constraint description, the digital rights managementagent module 710 is informed to execute the specific permission for thecontent object; otherwise, to give up executing the specific permissionfor the content object.

In the processing procedure described in embodiments 1 and 2, the orderof the comparisons of the system information in the terminal device withthat of the constrained systems and how to make comparisons will notaffect the implementation of the presently described technology. Anperson of ordinary skill in the art can implement various methods of thecomparisons based on the above description.

It is understood that variant modifications and variations can be madeby a person skilled in the art without departure from the spirit andscope of the presently described technology. Thus, provided that thesemodifications and variations falls into the scope of the claims of thepresently described technology and its equivalent, it is intended tocover all these modifications and variation.

1. A method for making multi-system constraint of a specific permissionin a digital right, comprising: obtaining a rights object related to acontent object by an executing device, wherein descriptions of aspecific permission of the rights object include system constraintdescriptions of a plurality of systems of the same type; obtainingcorresponding system information in the executing device by theexecuting device according to said system constraint descriptions;comparing the system information in the executing device with the systeminformation in said system constraint descriptions by the executingdevice; judging whether there is a permitted system in said systemconstraint descriptions in the executing device; and determining topermit executing said specific permission for the content object if bothare the same, otherwise, determining not to permit executing saidspecific permission for the content object.
 2. The method according toclaim 1, wherein a multiple pairs of grammar elements for separatingspecific system information are included in said system constraintdescriptions of said specific permission descriptions, each pair ofgrammar elements identifies the specific information of a systemconstraint; and said executing device parses the descriptions betweeneach pair of grammar elements to obtain the specific information of eachsystem.
 3. The method according to claim 1, wherein the systeminformation in said system constraint description is software systeminformation or hardware system information related to the executedcontent object.
 4. A method for making multi-system constraint of aspecific permission in a digital right, comprising: obtaining a rightsobject related to a content object by an executing device, whereindescriptions of a specific permission of the rights object includesystem constraint descriptions of a plurality of systems of differenttypes; obtaining corresponding system information of each type in theexecuting device by the executing device according to said systemconstraint descriptions; selecting a type of constrained system as acurrent constrained system; comparing a corresponding type of the systeminformation in the executing device with system information in thecurrent constrained system; judging whether there is a same systemcoinciding with the current constrained system in the executing device;and determining to permit executing said specific permission for thecontent object if both are the same, otherwise determining not to permitexecuting said specific permission for the content object.
 5. The methodaccording to claim 4, wherein a multiple pairs of grammar elements forseparating system information are included in said specific permissiondescriptions and the type of the constrained system is described in thegrammar elements for separating the system information.
 6. The methodaccording to claim 5, wherein the system information of a plurality ofconstrained systems are included in the system constraint descriptionsof at least one type of the constrained system; and the executing devicedetermines that there is a permitted system in the type of theconstrained system when it judges that there is a system in the type ofthe constrained system in the executing device.
 7. The method accordingto claim 6, wherein a multiple pairs of grammar elements for separatingspecific system information are included in the system constraintdescriptions of at least one type of the constrained systems; each pairof the grammar elements for separating specific system informationidentifies the specific information of a constrained system in theconstrained systems of the type; and said executing device parses thedescriptions between each pair of the grammar elements for separatingspecific system information of systems to obtain the specificinformation of each system.
 8. The method according to claim 5, whereinthe system information in said system constraint description is softwaresystem information or hardware system information related to a executedcontent object.
 9. An implement method for making multi-systemconstraint of a specific permission in a digital rights management,comprising: generating a rights object related to a content object;describing system information of a plurality of systems of the same typein the specific permission of the rights object; saving said rightsobject and correlating said rights object with said content object;downloading said content object; transmitting said rights object to theexecuting device of the content object when downloading said contentobject; judging by the executing device whether there is a systempermitted in the system constraint descriptions in the executing device;and determining whether executing said specific rights for said contentobject is permitted based on the result of the judgment.
 10. The methodaccording to claim 9, wherein a multiple pairs of grammar elements forseparating specific system information are included in said systemconstraint descriptions of said specific permission descriptions, andeach pair of the grammar elements identifies the specific information ofa system constraint.
 11. The method according to claim 9, wherein thesystem information in said system constraint description is softwaresystem information or hardware system information related to theexecuted content object.
 12. An implement method for making multi-systemconstraint of a specific permission in a digital rights management,comprising: generating a rights object related to a rights contentobject; describing system constraint information of a plurality ofsystems of different types in the specific permission of the rightsobject; saving said rights object and correlating it with said contentobject; downloading said content object; transmitting said rights objectto the executing device for receiving the content when downloading saidcontent object, wherein the executing device judges whether there is asystem permitted in the constrained system of each type in the executingdevice, and determines whether executing said specific permission forsaid content object is permitted according to the result of thejudgment.
 13. The method according to claim 12, wherein a multiple pairsof grammar elements for separating specific system information areincluded in said specific permission descriptions, and the types of theconstrained systems are described in the grammar elements for separatingthe specific system information.
 14. The method according to claim 13,wherein a plurality of constrained systems are included in the systemconstraint descriptions of at least one type of the constrained system.15. The method according to claim 14, wherein a multiple pairs ofgrammar elements for separating specific system information are includedin system constraint descriptions of at least one type of theconstrained systems, and each pair of the grammar elements forseparating the specific system information identifies the specificinformation of a constrained system in the type of the constrainedsystems.
 16. The method according to claim 13, wherein the systeminformation in said system constraint description is software systeminformation or hardware system information related to the executedcontent object.
 17. A terminal device, comprising: a digital rightsmanagement agent module configured to process a rights object related toa content object; a system information collecting module configured toobtain corresponding system information in the terminal device accordingto system constraint descriptions of a plurality of systems of the sametype in the descriptions of a specific permission in the rights object;and a permission authentication module configured to judge whether thereis any one system permitted in a system constraint description in theterminal device according to the system information in the terminaldevice and the system information in said system constraint description,and to determine whether executing said specific permission for theobject content is permitted according to the result of the judgment. 18.The terminal device according to claim 17, wherein said systeminformation collecting module and said permission judging module areincluded in said digital rights management agent module.
 19. A terminaldevice comprising: a digital rights management agent module configuredto process a rights object related to a content object; a systeminformation collecting module configured to obtain corresponding systeminformation in the terminal device according to system constraintdescriptions of a plurality of systems of different types in thedescriptions of a specific permission in the rights object; and apermission authentication module configured to judge whether there is asystem permitted in each type of the constrained systems in the systemconstraint descriptions in the terminal device according to the systeminformation in the terminal device and the system information in saidsystem constraint descriptions, and to determine whether executing saidspecific permission for the object content is permitted according to theresult of the judgment.
 20. The terminal device according to claim 19,wherein said system information collecting module and said permissionauthentication module are included in said digital rights managementagent module.